add-pdf-reader
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and merges updates from the vendor's official GitHub repository (github.com/qwibitai/nanoclaw-whatsapp.git) to integrate PDF processing logic and utilities.\n- [COMMAND_EXECUTION]: Executes shell commands to build the application and manage system services (npm, launchctl, systemctl) as part of the installation process.\n- [DATA_EXFILTRATION]: Utilizes network operations to download PDF files from user-provided URLs for processing.\n- [PROMPT_INJECTION]: Processes content from external PDF files provided via WhatsApp or URLs, creating a surface for indirect prompt injection attacks where the agent might obey instructions embedded in documents.\n
- Ingestion points: WhatsApp attachments and external URLs (SKILL.md).\n
- Boundary markers: None identified in the provided installation logic.\n
- Capability inventory: File system access and command execution via the pdf-reader tool (SKILL.md).\n
- Sanitization: No sanitization or verification of PDF content is described.
Audit Metadata